Paper 2012/256

The myth of generic DPA...and the magic of learning

Carolyn Whitnall, Elisabeth Oswald, and François-Xavier Standaert


A generic DPA strategy is one which is able to recover secret information from physically observable device leakage without any a priori knowledge about the device's leakage characteristics. Here we provide much-needed clarification on results emerging from the existing literature, demonstrating precisely that such methods (strictly defined) are inherently restricted to a very limited selection of target functions. Continuing to search related techniques for a `silver bullet' generic attack appears a bootless errand. However, we find that a minor relaxation of the strict definition---the incorporation of some minimal non-device-specific intuition---produces scope for generic-emulating strategies, able to succeed against a far wider range of targets. We present stepwise regression as an example of such, and demonstrate its effectiveness in a variety of scenarios. We also give some evidence that its practical performance matches that of `best bit' DoM attacks which we take as further indication for the necessity of performing profiled attacks in the context of device evaluations.

Note: Revised to match author version of the article as published in the proceedings of CT-RSA 2014.

Available format(s)
Publication info
Published elsewhere. Proceedings of CT-RSA 2014
side-channel analysisdifferential power analysisgeneric DPA
Contact author(s)
carolyn whitnall @ bris ac uk
2014-08-04: last of 2 revisions
2012-05-09: received
See all versions
Short URL
Creative Commons Attribution


      author = {Carolyn Whitnall and Elisabeth Oswald and François-Xavier Standaert},
      title = {The myth of generic DPA...and the magic of learning},
      howpublished = {Cryptology ePrint Archive, Paper 2012/256},
      year = {2012},
      doi = {10.1007/978-3-319-04852-9_10.},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.